One of the universities I know has a rather unique password policy. They issue shell accounts to all computing students with strong passwords that are unchangeable. It is done via the passwd -n flag ...

A friend of mine managed to expose both id_rsa and id_rsa.pub file from his server via apache. I mentioned to him that this is serious security issue but he brushed this off like it was no big deal. ...

I've been playing around with a router d-link dwr-921 and found some vulnerabilities in the web interface. I still haven't managed to get shell access and now I'm thinking about modifying the firmware ...

I was trying to connect a server using a different port when the network seemed too slow. It gives an ECDSA key, while the previous key in the known_hosts is RSA. I refused to continue the connection ...

I'm a software engineer and I'm maintaining a product that allows a user to run commands and scripts on Linux servers via an SSH connection. We now need to extend this functionality onto Windows.
We ...

I have a SSH server with a rule that does not allow password connections outside the local network.
So people already on the local network, either physically or via VPN, are allowed to connect with ...

I use ssh to get an encrypted connection between servers and local machines all the time. It's fast, it's secure, and there's a way to do it in nearly every system programming language that I've used ...

From my naive understanding of ssh, the server shares its public key ( /etc/shh/ssh_host_rsa_key.pub ) with the client, who then adds it to the list of known hosts ( /user/.ssh/known_hosts ). So, I ...

I am experiencing a security issue with one server that it happens that I manage. I will try to cite all relevant facts as briefly as possible. I am asking for any additional information and course of ...

We are thinking about using VPN to connect our remote office and the main office and also support developers working from home. To do this, we are planning to purchase 2 CISCO (or similar) routers to ...

I'm afraid this is quite a common question, but searching several times through the questions did not prove useful, and I'm really eager of knowledge here :D
I understand that keeping SSH private key ...

I am running a trial of Cobalt Strike which runs over the Metasploit Framework. I am trying to perform an SSH related attack on my laptop, and I get the error in the title for all SSH related attacks. ...

I am using CentOS 7.
I need to give shell access to ssh users but restrict them in a jail.
I have used jailkit to set up the jail. I have copied all necessary libraries, binaries that are needed for ...

Is there a way to log SSH sessions proxied through a machine (User-> SSH Proxy -> Server (with SSH)) without modifying the SSH daemon on the proxy? I need to log all the commands as well as responses ...

I'm new to SSH after a decade of dabbling with Ubuntu and other Linux builds. Today I successfully setup SSH, but I had a few hangups and headaches along the way. Although the system is now running ...

I have an ssh server. earlier toady, I was about to login to my server, when I got a message that said something along the lines of "Someone may be trying to do something nasty" and indicating a man ...

I have at my workstation, an ubuntu 14.04 installation with full disk encryption. I now have to travel frequently for days and am planning to ssh into this machine from my chromebook to work remotely.
...

I'm not much of a server administrator but I'm maintaining a virtual server with Ubuntu OS where my website is hosted. I often use ssh, ftp and MySQL. As my website gets popular, I want to make sure ...

How would I view all the authorised SSH clients from a unix server?
I know that cat ~/.ssh/authorized_keys shows authorised keys if logged in from root. Can other users set their own authorised keys ...

I can use my private key to generate a public key for use with ssh. I can use the same private key to generate a CSR, to generate a CLIENT certificate for HTTPS.
Specifically, my SSH public key is:
...

I have a Raspberry Pi connected to my home and at day 2 of this month I've opened the port 22 of my router so I could SSH it from anywhere. Today by curiosity, I decided to see the raspberry pi log, ...

I study at a college where most social networking sites are banned(Including this one) and if someone is found using them somehow is heavily fined.I just want to know what all can the network admin ...

I've just set up a Raspberry Pi 2 with the latest raspbian and installed some services.
For remote access I've installed tightvnc server which I set up to only allow connections from localhost. I can ...

Both OpenSSH and GPG can generate key pairs which are stored as files in well-known paths inside the user directory. A passphrase is always asked for during the generation process, which is then used ...